METHOD AND SYSTEM FOR DATA ENCRYPTION AND DECRYPTION 



CLAIM OF PRIORITY 

This application claims priority of U.S. Patent Application Serial No. 60/417,608 filed 
October 10, 2002 entitled "Method and System for Data Encryption and Decryption", the 
teachings of which are incorporated herein by reference. 

TECHNICAL FIELD OF THE INVENTION 

This invention relates generally to the field of information handling, and more specifically 
to a method and system for data encryption and decryption. 

BACKGROUND OF THE INVENTION 

The security of information poses challenges for businesses and other organizations 
that transmit and store sensitive information. Data encryption is intended to transform 
data into a form readable only by authorized users. One encryption method, known as a 
block cipher, encrypts data in fixed-size blocks. A typical block cipher will input 128 bits 
and output 128 bits of cipher text. This cipher will apply a secret key to the plain text in 
order to achieve the encryption. It is often written E(K,p). 

Collision attacks such as birthday and meet-in-the-middle attacks have been proven to 
reduce an exhaustive key search significantly against block ciphers. New attacks 
known as XSL (equation-solving attacks) have also shown positive results. Research is 
also being done in the field of quantum computing. Advances in this field will make it 
possible to reduce the time it takes to perform an exhaustive key search significantly. 
Therefore, a need has arisen to invent an encryption algorithm that can repel the 
aforementioned attacks and yet still be fast enough to handle data intensive applications 
that are common in the computer environment. 

The first half of the twentieth century saw the rise of mechanical encryption devices that 
used rotors with electrical contacts to rapidly perform substitution operations. The 
security of these systems lay in the large number of possible initial settings. There are 
inherent weaknesses in rotor-based encryption when the individual rotors increment by 
a fixed amount, typically 1, in the fashion of an odometer. Relationships between the 
outputted characters will reveal themselves eventually given enough time and data. 
William F. Friedman's solution to the problem was to increment the rotors in a more 
erratic fashion. 

While known approaches have provided improvements over prior approaches, the 
challenges to encrypt digital data continue to increase with demands for more and 
better techniques having greater effectiveness. Therefore, a need has arisen for a new 
method and system for data encryption. 

SUMMARY OF THE INVENTION 



The present invention achieves technical advantages as a method and system for data 
encryption that substantially eliminates the disadvantages and problems associated with 
previously developed systems and methods. 

This system and method according to the present invention is a multi-staged encryption 
system utilizing relative vector offsets, concealed within poly-alphabetic substitutions, 
and a multi-distance cipher chaining scheme. The present invention includes integer 
based offsets, XORs, and Variable-Exchange-Tables (VETs) to achieve superior 
encryption security and processing speed. 

According to one embodiment of the present invention, a system and method for data 
encryption is disclosed. Plain characters are received, and a Key-Table that includes 
key characters corresponding to the plain characters is accessed. Crypto-Variables 
necessary to accomplish the encryption are randomly selected and placed into an 
Initialization-Vector (IV). The IV is encrypted with a block cipher (AES) in order to 
obscure the Crypto-Variable settings. A trailing cipher character is selected from the 
encrypted IV and subjected to substitutions from trailing Variable-Exchange-Tables 
(VETs). The selection and settings for these VETs are defined in the IV. 

The following is repeated for each plain character to encrypt the plain characters. The 
first step is XOR'ing the plain text with the above-mentioned trailing cipher character. 
Next, a vector offset is calculated in the appropriate Key-Table from an arbitrary starting 
position selected in the IV, to the character that corresponds to the result of the first 
plain text character XOR'd with the encrypted trailing character. This offset points to a 
specific location within a specific Key-Table as measured from an arbitrary starting 
point. This offset is then subjected to multiple substitutions within one or more VETs. 
The output of one of the intermediary VETs may be used to determine the next 
Key-Table. After these substitutions, the encrypted character is placed in the output stream. 
VET Banks are incremented and the VET settings are incremented to ensure that 
repetitious input cannot form a distinguishable pattern in the output stream. The next 
trailing character is selected from the cipher text and subjected to substitutions based 
on the trailing VETs. This process of obscuring the trailing character is identical on both 
the encryption and decryption sides. The purpose is to not expose the value of the 
trailing character which will be XOR'd with the plain character. Then, the cycle begins 
again, except this time the offset is measured between the location in the last Key-Table, 
not the initial starting point, and the next selected Key-Table. After a certain number of 
encryption cycles all of the Crypto-Variables are given new settings. 

The three parts of the algorithm (XOR'ing, offsetting, VETs) give it the strength of a 
three-cord strand. The combination of the XOR'ing and offsetting helps prevent 
shortcuts in a brute force attack. As soon as the decryption finds an erroneous 
character in the key, the combination of XOR'ing and offsetting ensures that the 
subsequent decryption turns to gibberish. If not for this characteristic, an attacker may 
discover any remaining key characters that may be correct based on the output. For 
instance, "AAAOAzAAyAAAAA" when the desired result is "AM6bz 23 ^ypuaecetCEl". 
Also, attacks on a reduced portion of the key are frustrated as the offsetting process has 
at its disposal any part of the key for each iteration. 

Advantageously, frequency analysis of the present invention is of no value, as the 
output data stream very closely resembles random data. Known text does not give the 
attacker any advantage as the combination salt plus IV creates a unique encryption with 
every message. The relationship between the characters in the cipher text has little or 
no meaning because a new VET is incorporated for each character. 

Further, after a period of 4096, which is 1/16th of the entire cycle for VET iteration, new 
VETs are selected, new VET settings are selected and VET banks are swapped. Even 
the moment at which this occurs is unknown as the starting cycle settings are randomly 
selected. 

Further, since AES is implemented in the encrypting of the IV, the task of breaking the 
algorithm is exponentially more difficult as AES and the present invention need to be 
broken in concert. 

BRIEF DESCRIPTION OF THE DRAWINGS 



For a more complete understanding of the present invention and for further features and 
advantages, reference is now made to the following description, taken in conjunction 
with the accompanying drawings, in which: 

FIGURE 1A illustrates one embodiment of Key-Tables according to the present 
invention, and FIGURES 1B and 1C illustrate how offsets are derived from Key-Tables; 

FIGURES 2A-2C illustrate one embodiment of Variable-Exchange-Tables that may be 
used according to the present invention; 

FIGURE 3 illustrates one embodiment of Reverse-Variable-Exchange-Tables that allow the 
recovery of the values returned from the Variable-Exchange-Tables; 

FIGURES 4A-4C illustrate one embodiment of why Variable-Exchange-Tables are 
different from rotor wheels used in prior art; 

FIGURE 5 illustrates one embodiment of an Initialization-Vector according to the 
present invention; 

FIGURE 6 is a flowchart of one embodiment of a method for encrypting data according 
to the present invention; and 

FIGURE 7 illustrates one embodiment of a Key-Table Schedule according to the 
present invention. 

Table 1A - Key-Tables 

 0) 0 ... 238 ... 255 
 1) 0 ... 251 ... 255 
 2) 0 ... 150 ... 255 
 3) 0 ...  34 ... 255 
 4) 0 ... 139 ... 255 
 5) 0 ... 100 ... 255 
 6) 0 ... 239 ... 255 
10) 0 ... 165 ... 255 
11) 0 ... 126 ... 255 
15) 0 ...  55 ... 255 
16) 0 ... 235 ... 255 
17) 0 ... 216 ... 255 
23) 0 ... 133 ... 255 

61) 0 ... 211 ... 255 
62) 0 ...  89 ... 255 
63) 0 ... 229 ... 255 



Table 1B - Example 1 

 0) 0 ... 238 ... 255 
 1) 0 ... 251 ... 255 

Table 1C - Example 2 

Variable-Exchange-Tables (VETs) 

Table 2A - Not shifted 

Table 2B - Shifted 1 position 

Table 2C - Shifted 2 positions 

Table 3 - Reverse-Variable-Exchange-Tables (RVETs) 

Variable-Exchange-Tables (VETs) 

Table 4A - VET1 

Table 4B - VET2 

Table 4C - VET3 

Index: 0 1 2 3 4 5 6 7 8 9 | 0 1 2 3 4 5 6 7 8 9 
Value: 1 3 7 4 9 6 0 8 5 2 | 1 3 7 4 9 6 0 8 5 2 



Table 5 - Initialization-Vector (IV) 

VET Setting 1 
VET Setting 2 
VET Setting 4              - possible values 0 - 255. (8 bits) 
VET 1 (Table Selection 1)  - possible values 0 - 15. (4 bits) 
VET 2 (Table Selection 2)  - possible values 0 - 15. (4 bits) 
VET 3 (Table Selection 3)  - possible values 0 - 15. 
VET 4 (Table Selection 4)  - possible values 0 - 15. (4 bits) 
Starting Coordinate        - possible values 0 - 255. 
Table Number               - possible values 0 - 
Random Data (salt)         - possible values 0 - 2^49 (49 bits) 




(Salt can be used as a counter to prevent replay attacks) 

Table 6 - Key-Table-Schedule 

/* Two identical 256-entry halves, so that a run of 256 selections can start 
   at any index 0-255 without running past the end of the array. */ 
unsigned char KEY_TABLE_SCHEDULE[512] = { 
    0,9,1,10,2,11,3,12,4,13,5,14,6,15,7,16,8, 
    0,10,3,13,6,16,9,2,12,5,15,8,1,11,4,14,7, 
    0,8,16,7,15,6,14,5,13,4,12,3,11,2,10,1,9, 
    0,11,5,16,10,4,15,9,3,14,8,2,13,7,1,12,6, 
    0,7,14,4,11,1,8,15,5,12,2,9,16,6,13,3,10, 
    0,12,7,2,14,9,4,16,11,6,1,13,8,3,15,10,5, 
    0,6,12,1,7,13,2,8,14,3,9,15,4,10,16,5,11, 
    0,13,9,5,1,14,10,6,2,15,11,7,3,16,12,8,4, 
    0,5,10,15,3,8,13,1,6,11,16,4,9,14,2,7,12, 
    0,14,11,8,5,2,16,13,10,7,4,1,15,12,9,6,3, 
    0,4,8,12,16,3,7,11,15,2,6,10,14,1,5,9,13, 
    0,15,13,11,9,7,5,3,1,16,14,12,10,8,6,4,2, 
    0,3,6,9,12,15,1,4,7,10,13,16,2,5,8,11,14, 
    0,16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1, 
    0,2,4,6,8,10,12,14,16,1,3,5,7,9,11,13,15,2, 

    0,9,1,10,2,11,3,12,4,13,5,14,6,15,7,16,8, 
    0,10,3,13,6,16,9,2,12,5,15,8,1,11,4,14,7, 
    0,8,16,7,15,6,14,5,13,4,12,3,11,2,10,1,9, 
    0,11,5,16,10,4,15,9,3,14,8,2,13,7,1,12,6, 
    0,7,14,4,11,1,8,15,5,12,2,9,16,6,13,3,10, 
    0,12,7,2,14,9,4,16,11,6,1,13,8,3,15,10,5, 
    0,6,12,1,7,13,2,8,14,3,9,15,4,10,16,5,11, 
    0,13,9,5,1,14,10,6,2,15,11,7,3,16,12,8,4, 
    0,5,10,15,3,8,13,1,6,11,16,4,9,14,2,7,12, 
    0,14,11,8,5,2,16,13,10,7,4,1,15,12,9,6,3, 
    0,4,8,12,16,3,7,11,15,2,6,10,14,1,5,9,13, 
    0,15,13,11,9,7,5,3,1,16,14,12,10,8,6,4,2, 
    0,3,6,9,12,15,1,4,7,10,13,16,2,5,8,11,14, 
    0,16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1, 
    0,2,4,6,8,10,12,14,16,1,3,5,7,9,11,13,15,2 
}; 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS AND BEST MODE 



For reasons of clarity and brevity the various elements that make up this system and 
method for data encryption will be illustrated in detail first, then the overall methodology 
will be discussed in detail. 

Figure 1 depicts a system 10 according to the present invention adapted to perform the 
method of the present invention, seen to include a processor 12 having an input 14 and 
an output 16, and a memory 18. When system 10 is utilized for encryption, plain text is 
input to input 14 and encrypted data is provided at output 16. When system 10 is 
utilized for decryption, encrypted data is provided to input 14 and plain text data is 
provided at output 16. 

Explanation of Offsets 

In its simplest terms, an offset is a vector distance from some arbitrary starting point to a 
point of interest. In the context of this invention, an offset is the distance from some 
arbitrary point in an indexed array of characters to a character of interest. 

FIGURE 2A shows 64 separate character arrays, also known as Key-Tables, each 
containing one instance of each of the 256 ASCII characters. In this example the 
character 'A' is located at the position indicated by the middle number. For instance, in 
the first table, 'A' is located at position 238. 

Offset Example 1 as shown in FIGURE 2B: 

The vector distance between 'A' in Table 0 and 'A' in Table 1 is (251 - 238) = 13. 
Therefore, the vector or offset is 13. 

Offset Example 2 as shown in FIGURE 2C: 

For example, if a random starting coordinate is 210 and the plain text is "AAAA" and the 
table selection is 16, 11, 6, 0 (table selection is derived from another process as will be 
described shortly) then the following is done by processor 16: 

Step 1) Measure the distance between 'A' in table 16 and the starting coordinate 210. 
(235 - 210) = 25 

Step 2) Measure the distance between 'A' in table 11 and previous coordinate 235. 
(126 - 235) = -109 + 256 = 147 (Note: add 256 if < 0) 

Step 3) Measure the distance between 'A' in table 6 and previous coordinate 126. 
(239 - 126) = 113 

Step 4) Measure the distance between 'A' in table 0 and previous coordinate 239. 
(238 - 239) = -1 + 256 = 255 (Note: add 256 if < 0) 

The resulting offsets are: 25, 147, 113, 255 

To recover the offsets (Note: subtract 256 if the sum is > 255): 

Start at 210, add 25. Result is 235 in table 16. 
Start at 235, add 147. Result is 126 in table 11. 
Start at 126, add 113. Result is 239 in table 6. 
Start at 239, add 255. Result is 238 in table 0. 

Offsetting is advantageous in that it has poly-alphabetic characteristics. For instance, 
the offset of 25 could be the distance between 'A' and 'A' or 'A' and 'B' or potentially any 
two characters. There are 1,048,576 different ways (64*64*256) to arrive at 25. 
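
The offset encoding and its recovery, generalized from Offset Example 2 to arbitrary plain text, as an added example that is not code from the patent. The 64 Key-Tables are constructed with a fixed, non-secure shuffle and only the five positions of 'A' listed in Table 1A are taken from the page; all function names are this example's own.

```c
#include <stdio.h>
#include <string.h>

#define NUM_TABLES 64
#define TABLE_SIZE 256
typedef unsigned char u8;

/* key_table[t][i]: character at position i of Key-Table t; position[t][c]: its inverse. */
static u8 key_table[NUM_TABLES][TABLE_SIZE];
static u8 position[NUM_TABLES][TABLE_SIZE];

/* Constructed key material (fixed LCG shuffle, not secure); 'A' pinned per Table 1A. */
void build_tables(void)
{
    static const int pinned[5][2] = {{0, 238}, {1, 251}, {6, 239}, {11, 126}, {16, 235}};
    unsigned long s = 12345UL;
    for (int t = 0; t < NUM_TABLES; t++) {
        u8 *tab = key_table[t];
        for (int i = 0; i < TABLE_SIZE; i++)
            tab[i] = (u8)i;
        for (int i = TABLE_SIZE - 1; i > 0; i--) {      /* Fisher-Yates shuffle */
            s = (s * 1103515245UL + 12345UL) & 0x7fffffffUL;
            int j = (int)((s >> 8) % (unsigned long)(i + 1));
            u8 tmp = tab[i];
            tab[i] = tab[j];
            tab[j] = tmp;
        }
    }
    for (int k = 0; k < 5; k++) {                        /* move 'A' to its listed slot */
        u8 *tab = key_table[pinned[k][0]];
        int want = pinned[k][1], cur = 0;
        while (tab[cur] != 'A')
            cur++;
        tab[cur] = tab[want];
        tab[want] = 'A';
    }
    for (int t = 0; t < NUM_TABLES; t++)
        for (int i = 0; i < TABLE_SIZE; i++)
            position[t][key_table[t][i]] = (u8)i;
}

/* Forward distance from prev to cur on the circular table ("add 256 if < 0"). */
u8 offset_between(u8 prev, u8 cur)
{
    int d = (int)cur - (int)prev;
    return (u8)(d < 0 ? d + TABLE_SIZE : d);
}

/* Output k is the distance from the previous coordinate to plain[k] in table tables[k]. */
void offsets_encode(const u8 *plain, const int *tables, size_t n, u8 start, u8 *out)
{
    u8 prev = start;
    for (size_t k = 0; k < n; k++) {
        u8 cur = position[tables[k]][plain[k]];
        out[k] = offset_between(prev, cur);
        prev = cur;
    }
}

/* Recovery: add each offset to the running coordinate, wrap at 256, read the table. */
void offsets_decode(const u8 *offs, const int *tables, size_t n, u8 start, u8 *plain)
{
    unsigned coord = start;
    for (size_t k = 0; k < n; k++) {
        coord = (coord + offs[k]) % TABLE_SIZE;
        plain[k] = key_table[tables[k]][coord];
    }
}

/* Offset k (0..3) of the page's Example 2: "AAAA", tables 16,11,6,0, start 210. */
int example2_offset(int k)
{
    static const int tables[4] = {16, 11, 6, 0};
    u8 out[4];
    build_tables();
    offsets_encode((const u8 *)"AAAA", tables, 4, 210, out);
    return out[k];
}

/* Encode then decode msg (at most 64 bytes) under a constructed table selection. */
int roundtrip_ok(const char *msg)
{
    u8 offs[64], back[64];
    int tables[64];
    size_t n = strlen(msg);
    if (n > 64)
        return 0;
    build_tables();
    for (size_t k = 0; k < n; k++)
        tables[k] = (int)((k * 7 + 3) % NUM_TABLES);
    offsets_encode((const u8 *)msg, tables, n, 210, offs);
    offsets_decode(offs, tables, n, 210, back);
    return memcmp(back, msg, n) == 0;
}

int main(void)
{
    for (int k = 0; k < 4; k++)
        printf("%d ", example2_offset(k));
    printf("\nround trip ok: %d\n", roundtrip_ok("sample plain text"));
    return 0;
}
```

Decoding needs the same starting coordinate and the same table selection as encoding; the offsets alone do not identify the characters.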

Explanation of the Variable-Exchange-Tables 

The Variable-Exchange-Tables used by Asier are roughly analogous to the 
electromechanical rotors used in crypto machines of the early 20th century. 

There are inherent weaknesses in rotor-based encryption when the individual rotors 
increment by a fixed amount, typically 1, in the fashion of an odometer. 
Relationships between the outputted characters will reveal themselves eventually given 
enough time and data. William F. Friedman's solution to the problem was to increment 
the rotors in a more erratic fashion. 

One important difference is that a mechanical rotor would typically have 26 contacts and 
thus 26! possible fixed wirings. The VETs of the present invention have 256 characters 
and are "electronically wired" uniquely for each key. 

The present invention eliminates this prior art weakness not only by incrementing the 
VET settings erratically, but also by rotating in a new VET for each iteration. The algorithm 
of the present invention (shown in Figure 2) has a total of 64 VETs in 4 banks (16 in 
each bank). The VETs themselves increment in a fashion similar to an odometer, with 
the middle VETs being the fast VETs. The algorithm of the present invention has a 
period of 16*16*16*16, or 65536, just for the VETs. (VET stepping is an additional 
256*256*256*256.) However, before this cycle reaches a period of 4096 (period of 3 
VET banks (16*16*16)), the individual VET settings change, individual stepping 
positions change, and VET arrangements change (VET banks are swapped). The VET 
setting changes are made in an erratic fashion, accomplishing the same principle as set 
out by William F. Friedman, but using the method of the present invention having much 
more entropy - (256!) to the 64th power. 

Tables 2A-2C show a Variable-Exchange-Table (VET) with a reduced character set. A 
value is arrived at by passing in an index value and returning the value stored at that 
index. 

For instance: 

In Table 2A, 3 will return 7. 
In Table 2B, 3 will return 1. 
In Table 2C, 3 will return 9. 

Advantageously, the tables are doubled in order to give the tables a circular nature. 
This enables an index value to be added, in this case 0-9, to the starting position of 
0 in the left half of the table, and arrive at a correct value without having to waste 
processor time by wrapping back around to the beginning of the table if necessary. 

Reverse-Variable-Exchange-Tables 

The Reverse-Variable-Exchange-Tables allow the recovery of the values returned from 
the Variable-Exchange-Tables. For instance: 

In the example of Table 2A, 3 returned 7. To recover this value, the index value of 7 is 
followed and the value of 3 is stored there, thereby recovering the original value. 

In the example for Table 2B, 3 returned 1. To recover this value, the index value of 1 is 
followed and the value of (4 - shift value 1) = 3 is returned, thereby recovering the 
original value. 

In the example for Table 2C, 3 returned 9. To recover this value, the index value of 9 is 
followed and the value of (5 - shift value 2) = 3 is returned, thereby recovering the original value. 
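
A doubled VET with its reverse table, and a chain of two VETs undone in the opposite order, as an added example that is not code from the patent. Only the entries 3->7, 4->1 and 5->9 of Table 2A are stated on the page, so the other seven values of TABLE_2A are constructed; TABLE_4C is the VET3 row as printed, and the type and function names are this example's own.

```c
#include <stdio.h>

#define N 10                    /* reduced character set, as in the page's tables */

typedef struct {
    unsigned char fwd[2 * N];   /* table stored twice: fwd[i + N] == fwd[i] */
    unsigned char rev[N];       /* reverse table: rev[value] = index holding value */
} vet_t;

/* Table 2A: entries 3->7, 4->1, 5->9 are from the page, the rest are constructed.
   Table 4C (VET3) is as printed on the page. */
static const unsigned char TABLE_2A[N] = {4, 0, 6, 7, 1, 9, 3, 5, 2, 8};
static const unsigned char TABLE_4C[N] = {1, 3, 7, 4, 9, 6, 0, 8, 5, 2};

void vet_init(vet_t *v, const unsigned char *base)
{
    for (int i = 0; i < N; i++) {
        v->fwd[i] = v->fwd[i + N] = base[i];
        v->rev[base[i]] = (unsigned char)i;
    }
}

/* Forward substitution. setting and index are each 0..N-1, so their sum stays
   inside the doubled table and no wrap-around step is needed. */
unsigned char vet_sub(const vet_t *v, unsigned setting, unsigned index)
{
    return v->fwd[setting + index];
}

/* Reverse substitution: find the value's index, then subtract the setting.
   Wrapping a negative result by N is an assumption the page leaves implicit. */
unsigned char vet_inv(const vet_t *v, unsigned setting, unsigned value)
{
    int index = (int)v->rev[value] - (int)setting;
    return (unsigned char)(index < 0 ? index + N : index);
}

/* Pass x through count VETs in series. */
unsigned char chain_sub(const vet_t *vets, const unsigned *settings, int count, unsigned char x)
{
    for (int i = 0; i < count; i++)
        x = vet_sub(&vets[i], settings[i], x);
    return x;
}

/* Undo the chain by applying the reverse tables in the opposite order. */
unsigned char chain_inv(const vet_t *vets, const unsigned *settings, int count, unsigned char x)
{
    for (int i = count - 1; i >= 0; i--)
        x = vet_inv(&vets[i], settings[i], x);
    return x;
}

/* Index 3 looked up in Table 2A at the given setting (shift). */
int table2a_lookup(unsigned setting)
{
    vet_t v;
    vet_init(&v, TABLE_2A);
    return vet_sub(&v, setting, 3);
}

/* Index recovered from a Table 2A output at the given setting. */
int table2a_recover(unsigned setting, unsigned value)
{
    vet_t v;
    vet_init(&v, TABLE_2A);
    return vet_inv(&v, setting, value);
}

/* Unshifted lookup in Table 4C. */
int table4c_lookup(unsigned index)
{
    vet_t v;
    vet_init(&v, TABLE_4C);
    return vet_sub(&v, 0, index);
}

/* Exhaustive check: every input survives a two-VET chain at every pair of settings. */
int chain_roundtrip_ok(void)
{
    vet_t vets[2];
    vet_init(&vets[0], TABLE_2A);
    vet_init(&vets[1], TABLE_4C);
    for (unsigned a = 0; a < N; a++)
        for (unsigned b = 0; b < N; b++)
            for (unsigned x = 0; x < N; x++) {
                unsigned settings[2] = {a, b};
                unsigned char y = chain_sub(vets, settings, 2, (unsigned char)x);
                if (chain_inv(vets, settings, 2, y) != x)
                    return 0;
            }
    return 1;
}

int main(void)
{
    printf("%d %d %d\n", table2a_lookup(0), table2a_lookup(1), table2a_lookup(2));
    printf("chain round trip ok: %d\n", chain_roundtrip_ok());
    return 0;
}
```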

Why Computer based VETs of the present invention are different and 
advantageous over traditional Rotors 

One obvious way in which the computer based VETs of the present invention differ from 
electro-mechanical rotors is that they exist only in a digital world and can be easily 
replaced. Since VETs are generated and stored on an as needed basis, they are more 
difficult to steal and copy, especially if they are stored encrypted when not in use. 

There are also significant mathematical and operational differences in the use of VETs 
versus Rotors that will be covered next. Table 4 shows an embodiment of VETs, while 
Table 2 and Table 3 are referenced for comparative purposes. 



In classic rotor based encryption, the encryption of 1 rotor is merely a substitution cipher 
plus the correct rotor displacement. For example: 

Using Figure 2 as traditional rotors (by ignoring all values to the right of the Grey line) 

Table 2A - Not shifted 

Table 2B - Shifted 1 position 

Table 2C - Shifted 2 positions 

These Tables show a rotor with a reduced character set. A value is arrived at by passing 
in an index value and returning the value stored at that index. Afterward, the rotor is 
shifted 1 position. This is basic rotor encryption and is prior art. 

For instance: 

In Table 2A, 3 will return 7. 
In Table 2B, 3 will return 1. 
In Table 2C, 3 will return 9. 

Table 3 - Reverse Rotor 

The reverse rotor allows the recovery of the values substituted in the rotor. For 
instance: 

In the example of Table 2A, for values 7, 1, 9: 

7 returns (3 - shift value 0) = 3. 
1 returns (4 - shift value 1) = 3. 
9 returns (5 - shift value 2) = 3. 

As shown, every substitution is fixed plus the displacement of the rotor setting. It is 
appreciated that things get quite a bit more complicated when using an array of rotors. Still, 
the possibility of building relationships with the outputted characters exists. 

Now, an example of exchanging VETs will be discussed (all tables are set to 0 in this 
example): 

Note that the tables are doubled in order to give the tables a circular nature. This 
enables an index value to be added, in this case 0-9, to the starting position of 0 in the 
left half of the table, and arrive at a correct value without having to wrap back around to 
the beginning of the table. 

Table 4A - VET1 
Table 4B - VET2 
Table 4C - VET3 

In Table 4A, 3 will return 7. 
In Table 4B, 3 will return 5. 
In Table 4C, 3 will return 4. 

In terms of classic rotor based encryption, this method has the net effect of shifting the 
first VET (Table 4A) 0, 4, 7, thus accomplishing an erratic table (rotor) movement. This 
erratic effect is achieved using very little computer processing. One might think using a 
pseudo random number generator to shift the VET might be a better fit; however, it 
takes almost as many processor steps to generate a random number as it does to 
encrypt a character. This is one major difference between the methodology of the 
present invention and prior art. 

Also, after a period of 4096, all the VET settings are randomly reset. Note that 4096 is 
16*16*16, or a period of 3 VET banks. This is done so that at the moment there may be 
information leaked, all the crypto variables are changed. In other words, an attacker 
has at most 4096 characters with which cryptanalysis could take place, which is not 
nearly enough data to work with. 



To summarize: 

• VETs are 256 characters long and not the normal 26. 

• This invention incorporates a new rotor between each encrypted character. 

• VETs are "wired" uniquely. 

• VETs are doubled in memory to accommodate the computer environment, 
without using extra processing power to wrap the table back around. 

• After a period, all the VET settings and VET banks change. 

Explanation of the Initialization-Vector 

Table 5 shows the Initialization-Vector ("IV"), which sets the initial state of the algorithm 
and assigns values to all the Crypto-Variables. 

The values of the IV are obtained by using a PRNG. To obscure the values of the IV 
from an attacker, the IV is encrypted by using the AES block cipher. The reason for 
using AES is to take advantage of the confusion/diffusion properties of block ciphers. If 
there is just 1 bit difference in the IV, the resulting AES cipher text will be completely 
different. Therefore, it takes all 16 characters of the IV to arrive at the correct settings. 
To accommodate the AES algorithm, the IV has a total of 16 characters. As such, the 
encrypted data will expand by 16 bytes. 

The IV serves 2 purposes - obscuring the VET settings, and providing salt for the 
encrypted message. This dual purpose advantageously prevents the same message from 
encrypting the same way twice. For the same message to be encrypted the same way 
twice with the same key, all of the Crypto-Variable settings need to be identical. 
Additionally, the same Random Data (salt) needs to be selected as well. One bit 
difference will result in a completely different AES encryption, which in turn will create a 
completely different cipher text (the combination of the trailing XOR and offsetting 
ensures this). As a result, the only way to recover the IV is an exhaustive search of 128 
bits. 

Explanation of the Encryption Process 

Figure 2 shows a flow chart of the encryption process according to the present 
invention. The process begins at step 600. At step 605, the encryption key is loaded 
into memory 18. Some portions of the key appear more than once in the memory 18, 
and this is to facilitate the fastest possible encryption. 

At step 610 a plain text data buffer is received. 

At step 615, the Initialization-Vector (IV) is created. This IV contains the 
Crypto-Variables necessary to carry out the encryption process. Value selection for these 
variables is accomplished with either a true random number generator (TRNG) or a 
pseudo random number generator (PRNG). The first four of these variables are the 
starting position settings of the four VETs, and these may have any value 0-255. Which 
individual VETs to use out of the banks are selected next. In this embodiment, there 
are 16 VETs in each of the four banks. A Key-Table from each bank is selected, with 
possible values 0-15. Next, a starting coordinate within the first Key-Table is 
randomly selected and may have any value 0-255. Which of the sixty-four Key-Tables 
to start with is selected next. There are twenty-four different ways to arrange 4 banks of 
VETs, and one of these is selected. Next, the number of plain text characters to encrypt 
before selecting new Crypto-Variables is randomly chosen. The allowable values for 
this are 0-4095, which is many orders of magnitude smaller than the calculated 
characteristic repetition period of this cipher. Finally, several bits of random data are 
generated and placed in the IV. This is used as filler; however, it can work quite nicely as 
a message counter. 

In step 617, a block cipher such as AES is used to encrypt the entire IV before it is 
added to an output buffer. 

At step 620, a trailing cipher character is selected, which may be any distance of 1-16 
characters before the current character, but in this embodiment, is 16 characters before 
the current cipher character. Since the encryption process has just started, the first 
character in the encrypted IV of the output buffer is selected and subjected to step 670 
before it is applied to step 630. 

In step 625, the first character in the input buffer becomes the current character. In step 
630, the encrypted trailing cipher character is XOR'd with the current character. This is 
a bit-wise integer operation that effectively obscures the current character. Step 635 
calculates an offset between the previous coordinate in the previous Key-Table and the 
current coordinate in the current Key-Table. In the case of the first character, the offset 
is measured from the starting coordinate selected in Step 615, and the current (XOR'd) 
character in the Key-Table also is selected in step 615. 

In step 641, the offset generated in step 635 is used as an index to a first VET which 
outputs a completely different value. In step 642, the output generated in step 641 is 
used as an index to the second VET which outputs a completely different value. In 
step 643, the output generated in step 642 is used as an index to a second VET which 
outputs a completely different value. This value is passed to step 644, but is also used 
to determine the next Key-Table. 

In step 644, the output generated in step 643 is used as an index to the second VET 
which outputs a completely different value. In step 645, the result of step 644 is placed 
into the output buffer. Step 650 rotates the appropriate tables of VET banks. Step 655 
increments the starting position of the appropriate VETs. 

Step 660 selects the next trailing cipher character that has already been encrypted. 
Step 670 further obscures the meaning of the trailing character by encrypting it again. 
This is so the trailing cipher character is never exposed. Substitutions are carried out 
on the trailing cipher character by applying trailing VETs to it. In steps 671 and 672, the 
output from step 672 is fed into step 620. Step 680 checks to see if the cycle length 
established in step 615 has expired. If it hasn't expired, and if it is not the end of the 
plain text (step 690), then operations proceed to step 620. If step 680 finds that the 
cycle has ended, then it proceeds to step 683. In step 683, the last 16 ciphered 
characters are copied from the output buffer and subjected to a secondary block cipher. 
In step 685, the output of the block ciphered cipher text is parsed and used to reset the 
Crypto-Variables before encryption operations can resume. Step 690 checks to see if 
there are any more plain text characters to encrypt. If necessary, the process proceeds 
to step 620; if not, it ends at step 695. 

Explanation of the Key-Table-Schedule 

Table 7 shows the Key-Table-Schedule for a key block of 17 Key-Tables. This table or 
array selects the next table for offsetting operations. For instance if the first table 
selected was at the beginning of this array, then Key-Table 0 is selected, then 
Key-Table 9, then Key-Table 10, etc. This array is doubled so that the algorithm can start 
at any index (top half) 0-255, and continue for 256 iterations without going beyond the 
range of the array. An alternative embodiment uses the output of one of the 
Variable-Exchange-Tables to select the next Key-Table and does not use a Key-Table-Schedule. 
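
The doubled schedule rebuilt from its structure, as an added example that is not code from the patent. The rule that entry j of a printed row equals (j * m) mod 17 is an observation about the values in the listing, not something the page states; ROW_MULT and the function names are this example's own.

```c
#include <stdio.h>

#define BLOCK 17     /* Key-Tables in a key block, per the page */
#define HALF  256    /* entries in each half of the doubled array */
#define ROWS  15     /* 17-entry rows printed in each half */

static unsigned char schedule[2 * HALF];

/* Multiplier behind each printed row, in listing order (observed from the values). */
static const int ROW_MULT[ROWS] = {9, 10, 8, 11, 7, 12, 6, 13, 5, 14, 4, 15, 3, 16, 2};

void build_schedule(void)
{
    int n = 0;
    for (int r = 0; r < ROWS; r++)
        for (int j = 0; j < BLOCK; j++)
            schedule[n++] = (unsigned char)((j * ROW_MULT[r]) % BLOCK);
    schedule[n++] = 2;               /* the listing pads 255 entries to 256 with a 2 */
    for (int i = 0; i < HALF; i++)   /* second half repeats the first */
        schedule[HALF + i] = schedule[i];
}

/* Entry i of the rebuilt array, or -1 when i is outside 0..511. */
int schedule_at(int i)
{
    build_schedule();
    return (i >= 0 && i < 2 * HALF) ? schedule[i] : -1;
}

/* Take count selections starting at index start and return the last Key-Table
   chosen. With start <= 255 and count <= 256 the largest index touched is 510,
   so the loop needs no wrap-around test. Returns -1 for out-of-range arguments. */
int last_selected(unsigned start, unsigned count)
{
    unsigned char out[HALF];
    if (start >= HALF || count == 0 || count > HALF)
        return -1;
    build_schedule();
    for (unsigned i = 0; i < count; i++)
        out[i] = schedule[start + i];
    return out[count - 1];
}

/* 1 if every printed row visits each of the 17 Key-Tables exactly once. */
int rows_are_permutations(void)
{
    build_schedule();
    for (int r = 0; r < ROWS; r++) {
        unsigned long seen = 0;
        for (int j = 0; j < BLOCK; j++)
            seen |= 1UL << schedule[r * BLOCK + j];
        if (seen != (1UL << BLOCK) - 1)
            return 0;
    }
    return 1;
}

int main(void)
{
    printf("first entries: %d %d %d %d\n",
           schedule_at(0), schedule_at(1), schedule_at(2), schedule_at(3));
    printf("rows are permutations: %d\n", rows_are_permutations());
    printf("last of 256 selections from index 255: %d\n", last_selected(255, 256));
    return 0;
}
```

Because the array can be regenerated from a public rule, the schedule adds no secret material of its own; any secrecy comes from the starting index and the Key-Tables it selects.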

The Relationship Between Key-tables and Variable-Exchange-Tables 

Key-Tables and VETs were each described in their own section. A Key-Table is an 
indexed array filled with randomly chosen values corresponding to the character set. 
The Key-Tables are used to determine a vector between the location of a plain 
character in one Key-Table and the next. A VET is a "Special Use" of a Key-Table. 
What is meant by this is that exactly the same array is used, but instead of measuring 
the distance between indices to find an offset vector, a value is brought to the VET, and that 
value indicates which indexed character in the table should be substituted for the original 
value. 

Sample Encryption 

Index:        A B C D E F G H I J 

Key Table 0:  H E J A F G C I D B 
Key Table 1:  C J G I H D B A E F 
Key Table 2:  B F E H A C F D G I 
Key Table 3:  C I F G B A D J H E 
Key Table 4:  D J E H G A C I B F 
Key Table 5:  I J E D A G B H F C 
Key Table 6:  F A D C J G B H E I 
Key Table 7:  B F G H I C D J A E 
Key Table 8:  F A C B E I J G D H 
Key Table 9:  A H D G F J I C B E 

Above are 10 Key-Tables with a reduced character set. 
A=0, B=1, C=2, D=3, E=4, F=5, G=6, H=7, I=8, J=9 
Index:        A B C D E F G H I J 

VET Bank 1 
  Key Tbl 0:  H E J A F G C I D B 
  Key Tbl 1:  C J G I H D B A E F 
  Key Tbl 2:  B F E H A C F D G I 

VET Bank 2 
  Key Tbl 3:  C I F G B A D J H E 
  Key Tbl 4:  D J E H G A C I B F 
  Key Tbl 5:  I J E D A G B H F C 

VET Bank 3 
  Key Tbl 6:  F A D C J G B H E I 
  Key Tbl 7:  B F G H I C D J A E 
  Key Tbl 8:  F A C B E I J G D H 

Above are three Variable-Exchange-Table (VET) Banks. 

An example of encrypting the phrase "CIA": 

As shown in the flow chart of Figure 2, the first step creates an initialization-vector (IV). 
For the sake of brevity, the crypto-variables are set to 0, except for the VET table 
selection in VET Bank 2 (set to 1) and the IV is arbitrarily encrypted with characters 
found in the tables. The encryption of the IV is done with a block cipher and in this 
example is not necessary to demonstrate as it is already well known to anyone 
practiced in the art. 

IV = G, D, B 

Crypto-Variables: 
VET Setting 1 = 0 
VET Setting 2 = 0 
VET Setting 3 = 0 
VET 1 (tbl selection) = 0 
VET 2 (tbl selection) = 1 
VET 3 (tbl selection) = 0 
Coordinate (starting) = 2 
TableNum = 4 

Take the first character in the IV and push it through the trailing VETs, which in this 
case are made up of Key-Tables 9 and 3. 

Key Tbl 9       Key Tbl 3 
A  A            A  C 
B  H            B  I 
C  D            C  F 
D  G            D  G 
E  F            E  B 
F  J            F  A 
G  I            G  D 
H  C            H  J 
I  B            I  H 
J  E            J  E 

G becomes I, then I becomes H, or numerically speaking 7. 

Take 7 and XOR it with 'C'. 

H(7) ^ C(2) = F(5) 

Locate the position of F in Key-Table 4; 4 was assigned to the TableNum variable in 
the creation of the IV. 

F is found in the 9th position in Key-Table 4. 

Take 9 and subtract the starting Coordinate of 2. 
9 - 2 = 7; 7 now becomes the current Coordinate. 

Take H(7) and push it thru 1 table in each of the VET Banks. 

Note: to comply with the IV settings, VET Bank 2 is rotated to hold the second table or 
VET in the Bank. 

Key Tbl 0       Key Tbl 4       Key Tbl 6 
A  H            A  D            A  F 
B  E            B  J            B  A 
C  J            C  E            C  D 
D  A            D  H            D  C 
E  F            E  G            E  J 
F  G            F  A            F  G 
G  C            G  C            G  B 
H  I            H  I            H  H 
I  D            I  B            I  E 
J  B            J  F            J  I 

H becomes I, I becomes B, B becomes A 

Note: the TableNum variable is assigned B or 1 for the next round. 

A is the first cipher character. 

Repeat the process for the character 'I' 

Take the next cipher character in the IV 'D' and push thru the trailing VETs. Note, the 
starting position in the first trailing VET is incremented by 1. 

Key Tbl 9       Key Tbl 3 
A  H            A  C 
B  D            B  I 
C  G            C  F 
D  F            D  G 
E  J            E  B 
F  I            F  A 
G  C            G  D 
H  B            H  J 
I  E            I  H 
J  A            J  E 

D becomes F, F becomes A 

Xor A with the next character 'I' of "CIA" 
A(0) ^ I(8) = I(8) 

Locate the position of 'I' in Key-Table 1, which is the current value of the TableNum 
variable. 

I is found in the 3rd position in Key-Table 1. 
Take 3 and subtract current Coordinate of 7. 
3 - 7 = -4 + 10 = 6; 6 now becomes the current Coordinate. 

Take 6 or G and push it thru 1 table in each of the VET Banks. 

Note: a new table in VET Bank 2 is rotated to hold the third table in the Bank. Also note 
that the starting position of the middle table is incremented by 1. 

Key Tbl 0       Key Tbl 5       Key Tbl 6 
A  H            A  J            A  F 
B  E            B  E            B  A 
C  J            C  D            C  D 
D  A            D  A            D  C 
E  F            E  G            E  J 
F  G            F  B            F  G 
G  C            G  H            G  B 
H  I            H  F            H  H 
I  D            I  C            I  E 
J  B            J  I            J  I 

G becomes C, C becomes D, D becomes C 

Note: the TableNum variable is assigned D or 3 for the next round. 

C is the next cipher character. 

Repeat the process for the character 'A' 

Take the next cipher character in the IV 'B' and push thru the trailing VETs. Note the 
starting position in the first trailing VET is again incremented by 1. 

Key Tbl 9       Key Tbl 3 
A  D            A  C 
B  G            B  I 
C  F            C  F 
D  J            D  G 
E  I            E  B 
F  C            F  A 
G  B            G  D 
H  E            H  J 
I  A            I  H 
J  H            J  E 

B becomes G, G becomes D 

Xor D with the next character 'A' of "CIA" 
G(6) ^ A(0) = G(6) 

Locate the position of 'G' in Key-Table 3, which is the current value of the TableNum 
variable. 

G is found in the 3rd position in Key-Table 3. 
Take 3 and subtract current Coordinate of 6. 
3 - 6 = -3 + 10 = 7; 7 now becomes the current Coordinate. 

Take 7 or H and push it thru 1 table in each of the VET Banks. 

Note: a new table in VET Bank 2 is wrapped back around to hold the first table in the 
Bank. Also note that the starting position of the middle table is incremented by 1. Also 
note that the second table in VET Bank 3 is rotated into position. 

Key Tbl 0       Key Tbl 3       Key Tbl 7 
A  H            A  F            A  B 
B  E            B  G            B  F 
C  J            C  B            C  G 
D  A            D  A            D  H 
E  F            E  D            E  I 
F  G            F  J            F  C 
G  C            G  H            G  D 
H  I            H  E            H  J 
I  D            I  C            I  A 
J  B            J  I            J  E 

H becomes I, I becomes C, C becomes G 
G is the last cipher character. 

The resulting IV plus cipher text looks like this: 

GDB. .ACG 
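
The first two rounds of the walk-through above as a runnable sketch (an added example, not code from the patent): it encrypts "CI" with the IV characters G and D and reproduces the cipher characters A and C. The function names, the `ROUNDS` tuple layout and the rejection of XOR results above 9 are assumptions made here; the tables and per-round rotations are copied from the page.

```python
# Key-Tables 0-9 from the page's reduced character set (A=0 ... J=9).
KEY_TABLES = ["HEJAFGCIDB", "CJGIHDBAEF", "BFEHACFDGI", "CIFGBADJHE", "DJEHGACIBF",
              "IJEDAGBHFC", "FADCJGBHEI", "BFGHICDJAE", "FACBEIJGDH", "AHDGFJICBE"]
N = 10

# Per-round settings copied from the page's notes for rounds 1 and 2:
# (start of first trailing VET, VET Bank 2 table, its start, VET Bank 3 table)
ROUNDS = [(0, 4, 0, 6), (1, 5, 1, 6)]


def num(ch):
    """Character to value, A=0 ... J=9."""
    return ord(ch) - ord("A")


def vet(table, ch, start=0):
    """Key-Table used as a VET: replace ch by the entry at its index,
    counted from a rotated starting position."""
    return KEY_TABLES[table][(num(ch) + start) % N]


def encrypt(plain, iv, coord=2, table_num=4):
    """Encrypt `plain` with the round structure of the worked example.
    Returns (cipher text, final Coordinate, final TableNum)."""
    if len(plain) > len(ROUNDS) or len(iv) < len(plain):
        raise ValueError("only the two rounds listed in ROUNDS are covered")
    out = []
    for p, v, (t_start, b2_tbl, b2_start, b3_tbl) in zip(plain, iv, ROUNDS):
        trail = vet(3, vet(9, v, t_start))       # trailing VETs: Key-Table 9, then 3
        mixed = num(trail) ^ num(p)              # XOR with the plain character
        if mixed >= N:
            # Assumption: the 10-symbol example does not define values outside A..J.
            raise ValueError(f"{trail} xor {p} = {mixed} is outside the reduced set")
        pos = KEY_TABLES[table_num].index(chr(mixed + ord("A")))
        coord = (pos - coord) % N                # offset from the previous Coordinate
        c1 = vet(0, chr(coord + ord("A")))       # VET Bank 1: Key-Table 0
        c2 = vet(b2_tbl, c1, b2_start)           # VET Bank 2: rotated table
        out.append(vet(b3_tbl, c2))              # VET Bank 3
        table_num = num(c2)                      # Bank 2 output, as in both rounds
    return "".join(out), coord, table_num


if __name__ == "__main__":
    print(encrypt("CI", "GD"))
```

The third round is not included: the walk-through XORs G(6) there, while the trailing tables shown give D.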

One embodiment of this invention has a symmetric encryption key length of 40,960 bits, 
and can encrypt data substantially faster than AES can with a 256 bit key. This has 
been fully realized as computer software and tested. 

Embodiments of the invention provide numerous technical advantages. One technical 
advantage of one embodiment is that relative offsets between key characters that 
correspond to plain characters are used to encrypt a message. By using relative offsets 
and trailing XORs, the encryption of a message results in a different output each time 
the message is encrypted, thus improving security without substantial use of processing 
power or time. Another technical advantage of one embodiment is that changing 
anything in the IV results in different encrypted characters, even when the same 
message is encrypted multiple times. 

Another technical advantage of one embodiment is that a key may have many 
Key-Tables driving the overall size of the key into the tens or hundreds of thousands of bits, 
effectively preventing an exhaustive key search or an equation solving attack. Since all 
of the operations are integer based, modern computers can do them very rapidly. An 
encryption system based on this embodiment with a typical 40,960 bit key can encrypt 
data faster than AES can with a 256 bit key and has substantially more possible keys. 

Additional modifications of the invention for specific operational requirements are within 
the scope of this invention, such as having more or fewer VETs and/or VET banks, 
longer periods for the cycle, and incrementing VET settings between each byte by a 
non-fixed amount. Any block cipher can be substituted for AES as long as the 
confusion/diffusion properties remain. 

Although an embodiment of the invention and its advantages are described in detail, a 
person skilled in the art could make various alterations, additions, and omissions 
without departing from the spirit and scope of the present invention as defined by the 
appended claims. 

Other technical advantages are readily apparent to one skilled in the art from the 
following FIGURES, descriptions, and claims. 